mirror of
https://github.com/yiisoft/yii2.git
synced 2025-11-17 14:57:23 +08:00
refactored RBAC.
This commit is contained in:
Qiang Xue
@@ -16,97 +16,40 @@ use yii\base\Object;
|
||||
* Do not create a Assignment instance using the 'new' operator.
|
||||
* Instead, call [[Manager::assign()]].
|
||||
*
|
||||
* @property mixed $userId User ID (see [[User::id]]).
|
||||
* @property string $itemName The authorization item name.
|
||||
* @property string $bizRule The business rule associated with this assignment.
|
||||
* @property mixed $data Additional data for this assignment.
|
||||
*
|
||||
* @author Qiang Xue <qiang.xue@gmail.com>
|
||||
* @author Alexander Kochetov <creocoder@gmail.com>
|
||||
* @since 2.0
|
||||
*/
|
||||
class Assignment extends Object
|
||||
{
|
||||
private $_auth;
|
||||
private $_userId;
|
||||
private $_itemName;
|
||||
private $_bizRule;
|
||||
private $_data;
|
||||
|
||||
/**
|
||||
* Constructor.
|
||||
* @param Manager $auth the authorization manager
|
||||
* @param mixed $userId user ID (see [[User::id]])
|
||||
* @param string $itemName authorization item name
|
||||
* @param string $bizRule the business rule associated with this assignment
|
||||
* @param mixed $data additional data for this assignment
|
||||
* @var Manager the auth manager of this item
|
||||
*/
|
||||
public function __construct($auth, $userId, $itemName, $bizRule = null, $data = null)
|
||||
{
|
||||
$this->_auth = $auth;
|
||||
$this->_userId = $userId;
|
||||
$this->_itemName = $itemName;
|
||||
$this->_bizRule = $bizRule;
|
||||
$this->_data = $data;
|
||||
}
|
||||
|
||||
public $manager;
|
||||
/**
|
||||
* @return mixed user ID (see [[User::id]])
|
||||
* @var string the business rule associated with this assignment
|
||||
*/
|
||||
public function getUserId()
|
||||
{
|
||||
return $this->_userId;
|
||||
}
|
||||
|
||||
public $bizRule;
|
||||
/**
|
||||
* @return string the authorization item name
|
||||
* @var mixed additional data for this assignment
|
||||
*/
|
||||
public function getItemName()
|
||||
{
|
||||
return $this->_itemName;
|
||||
}
|
||||
|
||||
public $data;
|
||||
/**
|
||||
* @return string the business rule associated with this assignment
|
||||
* @var mixed user ID (see [[User::id]]). Do not modify this property after it is populated.
|
||||
* To modify the user ID of an assignment, you must remove the assignment and create a new one.
|
||||
*/
|
||||
public function getBizRule()
|
||||
{
|
||||
return $this->_bizRule;
|
||||
}
|
||||
|
||||
public $userId;
|
||||
/**
|
||||
* @param string $value the business rule associated with this assignment
|
||||
* @return string the authorization item name. Do not modify this property after it is populated.
|
||||
* To modify the item name of an assignment, you must remove the assignment and create a new one.
|
||||
*/
|
||||
public function setBizRule($value)
|
||||
{
|
||||
if ($this->_bizRule !== $value) {
|
||||
$this->_bizRule = $value;
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* @return mixed additional data for this assignment
|
||||
*/
|
||||
public function getData()
|
||||
{
|
||||
return $this->_data;
|
||||
}
|
||||
|
||||
/**
|
||||
* @param mixed $value additional data for this assignment
|
||||
*/
|
||||
public function setData($value)
|
||||
{
|
||||
if ($this->_data !== $value) {
|
||||
$this->_data = $value;
|
||||
}
|
||||
}
|
||||
public $itemName;
|
||||
|
||||
/**
|
||||
* Saves the changes to an authorization assignment.
|
||||
*/
|
||||
public function save()
|
||||
{
|
||||
$this->_auth->saveAssignment($this);
|
||||
$this->manager->saveAssignment($this);
|
||||
}
|
||||
}
|
||||
|
||||
@@ -24,8 +24,6 @@ use yii\base\InvalidParamException;
|
||||
* the three tables used to store the authorization data by setting [[itemTable]],
|
||||
* [[itemChildTable]] and [[assignmentTable]].
|
||||
*
|
||||
* @property array $authItems The authorization items of the specific type.
|
||||
*
|
||||
* @author Qiang Xue <qiang.xue@gmail.com>
|
||||
* @author Alexander Kochetov <creocoder@gmail.com>
|
||||
* @since 2.0
|
||||
@@ -106,13 +104,13 @@ class DbManager extends Manager
|
||||
if (!isset($params['userId'])) {
|
||||
$params['userId'] = $userId;
|
||||
}
|
||||
if ($this->executeBizRule($item->getBizRule(), $params, $item->getData())) {
|
||||
if ($this->executeBizRule($item->bizRule, $params, $item->data)) {
|
||||
if (in_array($itemName, $this->defaultRoles)) {
|
||||
return true;
|
||||
}
|
||||
if (isset($assignments[$itemName])) {
|
||||
$assignment = $assignments[$itemName];
|
||||
if ($this->executeBizRule($assignment->getBizRule(), $params, $assignment->getData())) {
|
||||
if ($this->executeBizRule($assignment->bizRule, $params, $assignment->data)) {
|
||||
return true;
|
||||
}
|
||||
}
|
||||
@@ -207,7 +205,7 @@ class DbManager extends Manager
|
||||
public function getItemChildren($names)
|
||||
{
|
||||
$query = new Query;
|
||||
$rows = $query->select(array('name', 'type', 'description', 'bizrule', 'data'))
|
||||
$rows = $query->select(array('name', 'type', 'description', 'biz_rule', 'data'))
|
||||
->from(array($this->itemTable, $this->itemChildTable))
|
||||
->where(array('parent' => $names, 'name' => new Expression('child')))
|
||||
->createCommand($this->db)
|
||||
@@ -217,7 +215,14 @@ class DbManager extends Manager
|
||||
if (($data = @unserialize($row['data'])) === false) {
|
||||
$data = null;
|
||||
}
|
||||
$children[$row['name']] = new Item($this, $row['name'], $row['type'], $row['description'], $row['bizrule'], $data);
|
||||
$children[$row['name']] = new Item(array(
|
||||
'manager' => $this,
|
||||
'name' => $row['name'],
|
||||
'type' => $row['type'],
|
||||
'description' => $row['description'],
|
||||
'bizRule' => $row['biz_rule'],
|
||||
'data' => $data,
|
||||
));
|
||||
}
|
||||
return $children;
|
||||
}
|
||||
@@ -241,10 +246,16 @@ class DbManager extends Manager
|
||||
->insert($this->assignmentTable, array(
|
||||
'user_id' => $userId,
|
||||
'item_name' => $itemName,
|
||||
'bizrule' => $bizRule,
|
||||
'biz_rule' => $bizRule,
|
||||
'data' => serialize($data),
|
||||
));
|
||||
return new Assignment($this, $userId, $itemName, $bizRule, $data);
|
||||
return new Assignment(array(
|
||||
'manager' => $this,
|
||||
'userId' => $userId,
|
||||
'itemName' => $itemName,
|
||||
'bizRule' => $bizRule,
|
||||
'data' => $data,
|
||||
));
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -293,7 +304,13 @@ class DbManager extends Manager
|
||||
if (($data = @unserialize($row['data'])) === false) {
|
||||
$data = null;
|
||||
}
|
||||
return new Assignment($this, $row['user_id'], $row['item_name'], $row['bizrule'], $data);
|
||||
return new Assignment(array(
|
||||
'manager' => $this,
|
||||
'userId' => $row['user_id'],
|
||||
'itemName' => $row['item_name'],
|
||||
'bizRule' => $row['biz_rule'],
|
||||
'data' => $data,
|
||||
));
|
||||
} else {
|
||||
return null;
|
||||
}
|
||||
@@ -317,7 +334,13 @@ class DbManager extends Manager
|
||||
if (($data = @unserialize($row['data'])) === false) {
|
||||
$data = null;
|
||||
}
|
||||
$assignments[$row['item_name']] = new Assignment($this, $row['user_id'], $row['item_name'], $row['bizrule'], $data);
|
||||
$assignments[$row['item_name']] = new Assignment(array(
|
||||
'manager' => $this,
|
||||
'userId' => $row['user_id'],
|
||||
'itemName' => $row['item_name'],
|
||||
'bizRule' => $row['biz_rule'],
|
||||
'data' => $data,
|
||||
));
|
||||
}
|
||||
return $assignments;
|
||||
}
|
||||
@@ -330,11 +353,11 @@ class DbManager extends Manager
|
||||
{
|
||||
$this->db->createCommand()
|
||||
->update($this->assignmentTable, array(
|
||||
'bizrule' => $assignment->getBizRule(),
|
||||
'data' => serialize($assignment->getData()),
|
||||
'biz_rule' => $assignment->bizRule,
|
||||
'data' => serialize($assignment->data),
|
||||
), array(
|
||||
'user_id' => $assignment->getUserId(),
|
||||
'item_name' => $assignment->getItemName(),
|
||||
'user_id' => $assignment->userId,
|
||||
'item_name' => $assignment->itemName,
|
||||
));
|
||||
}
|
||||
|
||||
@@ -357,12 +380,12 @@ class DbManager extends Manager
|
||||
->where(array('type' => $type))
|
||||
->createCommand($this->db);
|
||||
} elseif ($type === null) {
|
||||
$command = $query->select(array('name', 'type', 'description', 't1.bizrule', 't1.data'))
|
||||
$command = $query->select(array('name', 'type', 'description', 't1.biz_rule', 't1.data'))
|
||||
->from(array($this->itemTable . ' t1', $this->assignmentTable . ' t2'))
|
||||
->where(array('user_id' => $userId, 'name' => new Expression('item_name')))
|
||||
->createCommand($this->db);
|
||||
} else {
|
||||
$command = $query->select('name', 'type', 'description', 't1.bizrule', 't1.data')
|
||||
$command = $query->select('name', 'type', 'description', 't1.biz_rule', 't1.data')
|
||||
->from(array($this->itemTable . ' t1', $this->assignmentTable . ' t2'))
|
||||
->where(array('user_id' => $userId, 'type' => $type, 'name' => new Expression('item_name')))
|
||||
->createCommand($this->db);
|
||||
@@ -372,7 +395,14 @@ class DbManager extends Manager
|
||||
if (($data = @unserialize($row['data'])) === false) {
|
||||
$data = null;
|
||||
}
|
||||
$items[$row['name']] = new Item($this, $row['name'], $row['type'], $row['description'], $row['bizrule'], $data);
|
||||
$items[$row['name']] = new Item(array(
|
||||
'manager' => $this,
|
||||
'name' => $row['name'],
|
||||
'type' => $row['type'],
|
||||
'description' => $row['description'],
|
||||
'bizRule' => $row['biz_rule'],
|
||||
'data' => $data,
|
||||
));
|
||||
}
|
||||
return $items;
|
||||
}
|
||||
@@ -399,10 +429,17 @@ class DbManager extends Manager
|
||||
'name' => $name,
|
||||
'type' => $type,
|
||||
'description' => $description,
|
||||
'bizrule' => $bizRule,
|
||||
'biz_rule' => $bizRule,
|
||||
'data' => serialize($data),
|
||||
));
|
||||
return new Item($this, $name, $type, $description, $bizRule, $data);
|
||||
return new Item(array(
|
||||
'manager' => $this,
|
||||
'name' => $name,
|
||||
'type' => $type,
|
||||
'description' => $description,
|
||||
'bizRule' => $bizRule,
|
||||
'data' => $data,
|
||||
));
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -439,7 +476,14 @@ class DbManager extends Manager
|
||||
if (($data = @unserialize($row['data'])) === false) {
|
||||
$data = null;
|
||||
}
|
||||
return new Item($this, $row['name'], $row['type'], $row['description'], $row['bizrule'], $data);
|
||||
return new Item(array(
|
||||
'manager' => $this,
|
||||
'name' => $row['name'],
|
||||
'type' => $row['type'],
|
||||
'description' => $row['description'],
|
||||
'bizRule' => $row['biz_rule'],
|
||||
'data' => $data,
|
||||
));
|
||||
} else
|
||||
return null;
|
||||
}
|
||||
@@ -463,10 +507,10 @@ class DbManager extends Manager
|
||||
$this->db->createCommand()
|
||||
->update($this->itemTable, array(
|
||||
'name' => $item->getName(),
|
||||
'type' => $item->getType(),
|
||||
'description' => $item->getDescription(),
|
||||
'bizrule' => $item->getBizRule(),
|
||||
'data' => serialize($item->getData()),
|
||||
'type' => $item->type,
|
||||
'description' => $item->description,
|
||||
'biz_rule' => $item->bizRule,
|
||||
'data' => serialize($item->data),
|
||||
), array(
|
||||
'name' => $oldName === null ? $item->getName() : $oldName,
|
||||
));
|
||||
|
||||
@@ -18,14 +18,6 @@ use yii\base\Object;
|
||||
* A user may be assigned one or several authorization items (called [[Assignment]] assignments).
|
||||
* He can perform an operation only when it is among his assigned items.
|
||||
*
|
||||
* @property Manager $authManager The authorization manager.
|
||||
* @property integer $type The authorization item type. This could be 0 (operation), 1 (task) or 2 (role).
|
||||
* @property string $name The item name.
|
||||
* @property string $description The item description.
|
||||
* @property string $bizRule The business rule associated with this item.
|
||||
* @property mixed $data The additional data associated with this item.
|
||||
* @property array $children All child items of this item.
|
||||
*
|
||||
* @author Qiang Xue <qiang.xue@gmail.com>
|
||||
* @author Alexander Kochetov <creocoder@gmail.com>
|
||||
* @since 2.0
|
||||
@@ -36,32 +28,30 @@ class Item extends Object
|
||||
const TYPE_TASK = 1;
|
||||
const TYPE_ROLE = 2;
|
||||
|
||||
private $_auth;
|
||||
private $_type;
|
||||
/**
|
||||
* @var Manager the auth manager of this item
|
||||
*/
|
||||
public $manager;
|
||||
/**
|
||||
* @var string the item description
|
||||
*/
|
||||
public $description;
|
||||
/**
|
||||
* @var string the business rule associated with this item
|
||||
*/
|
||||
public $bizRule;
|
||||
/**
|
||||
* @var mixed the additional data associated with this item
|
||||
*/
|
||||
public $data;
|
||||
/**
|
||||
* @var integer the authorization item type. This could be 0 (operation), 1 (task) or 2 (role).
|
||||
*/
|
||||
public $type;
|
||||
|
||||
private $_name;
|
||||
private $_oldName;
|
||||
private $_description;
|
||||
private $_bizRule;
|
||||
private $_data;
|
||||
|
||||
/**
|
||||
* Constructor.
|
||||
* @param Manager $auth authorization manager
|
||||
* @param string $name authorization item name
|
||||
* @param integer $type authorization item type. This can be 0 (operation), 1 (task) or 2 (role).
|
||||
* @param string $description the description
|
||||
* @param string $bizRule the business rule associated with this item
|
||||
* @param mixed $data additional data for this item
|
||||
*/
|
||||
public function __construct($auth, $name, $type, $description = '', $bizRule = null, $data = null)
|
||||
{
|
||||
$this->_type = (int)$type;
|
||||
$this->_auth = $auth;
|
||||
$this->_name = $name;
|
||||
$this->_description = $description;
|
||||
$this->_bizRule = $bizRule;
|
||||
$this->_data = $data;
|
||||
}
|
||||
|
||||
/**
|
||||
* Checks to see if the specified item is within the hierarchy starting from this item.
|
||||
@@ -74,11 +64,11 @@ class Item extends Object
|
||||
public function checkAccess($itemName, $params = array())
|
||||
{
|
||||
Yii::trace('Checking permission: ' . $this->_name, __METHOD__);
|
||||
if ($this->_auth->executeBizRule($this->_bizRule, $params, $this->_data)) {
|
||||
if ($this->manager->executeBizRule($this->bizRule, $params, $this->data)) {
|
||||
if ($this->_name == $itemName) {
|
||||
return true;
|
||||
}
|
||||
foreach ($this->_auth->getItemChildren($this->_name) as $item) {
|
||||
foreach ($this->manager->getItemChildren($this->_name) as $item) {
|
||||
if ($item->checkAccess($itemName, $params)) {
|
||||
return true;
|
||||
}
|
||||
@@ -87,22 +77,6 @@ class Item extends Object
|
||||
return false;
|
||||
}
|
||||
|
||||
/**
|
||||
* @return Manager the authorization manager
|
||||
*/
|
||||
public function getManager()
|
||||
{
|
||||
return $this->_auth;
|
||||
}
|
||||
|
||||
/**
|
||||
* @return integer the authorization item type. This could be 0 (operation), 1 (task) or 2 (role).
|
||||
*/
|
||||
public function getType()
|
||||
{
|
||||
return $this->_type;
|
||||
}
|
||||
|
||||
/**
|
||||
* @return string the item name
|
||||
*/
|
||||
@@ -122,60 +96,6 @@ class Item extends Object
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* @return string the item description
|
||||
*/
|
||||
public function getDescription()
|
||||
{
|
||||
return $this->_description;
|
||||
}
|
||||
|
||||
/**
|
||||
* @param string $value the item description
|
||||
*/
|
||||
public function setDescription($value)
|
||||
{
|
||||
if ($this->_description !== $value) {
|
||||
$this->_description = $value;
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* @return string the business rule associated with this item
|
||||
*/
|
||||
public function getBizRule()
|
||||
{
|
||||
return $this->_bizRule;
|
||||
}
|
||||
|
||||
/**
|
||||
* @param string $value the business rule associated with this item
|
||||
*/
|
||||
public function setBizRule($value)
|
||||
{
|
||||
if ($this->_bizRule !== $value) {
|
||||
$this->_bizRule = $value;
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* @return mixed the additional data associated with this item
|
||||
*/
|
||||
public function getData()
|
||||
{
|
||||
return $this->_data;
|
||||
}
|
||||
|
||||
/**
|
||||
* @param mixed $value the additional data associated with this item
|
||||
*/
|
||||
public function setData($value)
|
||||
{
|
||||
if ($this->_data !== $value) {
|
||||
$this->_data = $value;
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Adds a child item.
|
||||
* @param string $name the name of the child item
|
||||
@@ -185,7 +105,7 @@ class Item extends Object
|
||||
*/
|
||||
public function addChild($name)
|
||||
{
|
||||
return $this->_auth->addItemChild($this->_name, $name);
|
||||
return $this->manager->addItemChild($this->_name, $name);
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -197,7 +117,7 @@ class Item extends Object
|
||||
*/
|
||||
public function removeChild($name)
|
||||
{
|
||||
return $this->_auth->removeItemChild($this->_name, $name);
|
||||
return $this->manager->removeItemChild($this->_name, $name);
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -208,7 +128,7 @@ class Item extends Object
|
||||
*/
|
||||
public function hasChild($name)
|
||||
{
|
||||
return $this->_auth->hasItemChild($this->_name, $name);
|
||||
return $this->manager->hasItemChild($this->_name, $name);
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -218,7 +138,7 @@ class Item extends Object
|
||||
*/
|
||||
public function getChildren()
|
||||
{
|
||||
return $this->_auth->getItemChildren($this->_name);
|
||||
return $this->manager->getItemChildren($this->_name);
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -233,7 +153,7 @@ class Item extends Object
|
||||
*/
|
||||
public function assign($userId, $bizRule = null, $data = null)
|
||||
{
|
||||
return $this->_auth->assign($userId, $this->_name, $bizRule, $data);
|
||||
return $this->manager->assign($userId, $this->_name, $bizRule, $data);
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -244,7 +164,7 @@ class Item extends Object
|
||||
*/
|
||||
public function revoke($userId)
|
||||
{
|
||||
return $this->_auth->revoke($userId, $this->_name);
|
||||
return $this->manager->revoke($userId, $this->_name);
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -255,7 +175,7 @@ class Item extends Object
|
||||
*/
|
||||
public function isAssigned($userId)
|
||||
{
|
||||
return $this->_auth->isAssigned($userId, $this->_name);
|
||||
return $this->manager->isAssigned($userId, $this->_name);
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -267,7 +187,7 @@ class Item extends Object
|
||||
*/
|
||||
public function getAssignment($userId)
|
||||
{
|
||||
return $this->_auth->getAssignment($userId, $this->_name);
|
||||
return $this->manager->getAssignment($userId, $this->_name);
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -275,7 +195,7 @@ class Item extends Object
|
||||
*/
|
||||
public function save()
|
||||
{
|
||||
$this->_auth->saveItem($this, $this->_oldName);
|
||||
$this->manager->saveItem($this, $this->_oldName);
|
||||
unset($this->_oldName);
|
||||
}
|
||||
}
|
||||
|
||||
@@ -161,7 +161,7 @@ abstract class Manager extends Component
|
||||
{
|
||||
static $types = array('operation', 'task', 'role');
|
||||
if ($parentType < $childType) {
|
||||
throw new InvalidParamException("Cannot add an item of type '$types[$childType]' to an item of type '$types[$parentType]'.");
|
||||
throw new InvalidParamException("Cannot add an item of type '{$types[$childType]}' to an item of type '{$types[$parentType]}'.");
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
@@ -80,14 +80,14 @@ class PhpManager extends Manager
|
||||
if (!isset($params['userId'])) {
|
||||
$params['userId'] = $userId;
|
||||
}
|
||||
if ($this->executeBizRule($item->getBizRule(), $params, $item->getData())) {
|
||||
if ($this->executeBizRule($item->bizRule, $params, $item->data)) {
|
||||
if (in_array($itemName, $this->defaultRoles)) {
|
||||
return true;
|
||||
}
|
||||
if (isset($this->_assignments[$userId][$itemName])) {
|
||||
/** @var $assignment Assignment */
|
||||
$assignment = $this->_assignments[$userId][$itemName];
|
||||
if ($this->executeBizRule($assignment->getBizRule(), $params, $assignment->getData())) {
|
||||
if ($this->executeBizRule($assignment->bizRule, $params, $assignment->data)) {
|
||||
return true;
|
||||
}
|
||||
}
|
||||
@@ -117,7 +117,7 @@ class PhpManager extends Manager
|
||||
$child = $this->_items[$childName];
|
||||
/** @var $item Item */
|
||||
$item = $this->_items[$itemName];
|
||||
$this->checkItemChildType($item->getType(), $child->getType());
|
||||
$this->checkItemChildType($item->type, $child->type);
|
||||
if ($this->detectLoop($itemName, $childName)) {
|
||||
throw new InvalidCallException("Cannot add '$childName' as a child of '$itemName'. A loop has been detected.");
|
||||
}
|
||||
@@ -194,7 +194,13 @@ class PhpManager extends Manager
|
||||
} elseif (isset($this->_assignments[$userId][$itemName])) {
|
||||
throw new InvalidParamException("Authorization item '$itemName' has already been assigned to user '$userId'.");
|
||||
} else {
|
||||
return $this->_assignments[$userId][$itemName] = new Assignment($this, $userId, $itemName, $bizRule, $data);
|
||||
return $this->_assignments[$userId][$itemName] = new Assignment(array(
|
||||
'manager' => $this,
|
||||
'userId' => $userId,
|
||||
'itemName' => $itemName,
|
||||
'bizRule' => $bizRule,
|
||||
'data' => $data,
|
||||
));
|
||||
}
|
||||
}
|
||||
|
||||
@@ -265,15 +271,15 @@ class PhpManager extends Manager
|
||||
if ($userId === null) {
|
||||
foreach ($this->_items as $name => $item) {
|
||||
/** @var $item Item */
|
||||
if ($item->getType() == $type) {
|
||||
if ($item->type == $type) {
|
||||
$items[$name] = $item;
|
||||
}
|
||||
}
|
||||
} elseif (isset($this->_assignments[$userId])) {
|
||||
foreach ($this->_assignments[$userId] as $assignment) {
|
||||
/** @var $assignment Assignment */
|
||||
$name = $assignment->getItemName();
|
||||
if (isset($this->_items[$name]) && ($type === null || $this->_items[$name]->getType() == $type)) {
|
||||
$name = $assignment->itemName;
|
||||
if (isset($this->_items[$name]) && ($type === null || $this->_items[$name]->type == $type)) {
|
||||
$items[$name] = $this->_items[$name];
|
||||
}
|
||||
}
|
||||
@@ -301,7 +307,14 @@ class PhpManager extends Manager
|
||||
if (isset($this->_items[$name])) {
|
||||
throw new Exception('Unable to add an item whose name is the same as an existing item.');
|
||||
}
|
||||
return $this->_items[$name] = new Item($this, $name, $type, $description, $bizRule, $data);
|
||||
return $this->_items[$name] = new Item(array(
|
||||
'manager' => $this,
|
||||
'name' => $name,
|
||||
'type' => $type,
|
||||
'description' => $description,
|
||||
'bizRule' => $bizRule,
|
||||
'data' => $data,
|
||||
));
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -390,10 +403,10 @@ class PhpManager extends Manager
|
||||
foreach ($this->_items as $name => $item) {
|
||||
/** @var $item Item */
|
||||
$items[$name] = array(
|
||||
'type' => $item->getType(),
|
||||
'description' => $item->getDescription(),
|
||||
'bizRule' => $item->getBizRule(),
|
||||
'data' => $item->getData(),
|
||||
'type' => $item->type,
|
||||
'description' => $item->description,
|
||||
'bizRule' => $item->bizRule,
|
||||
'data' => $item->data,
|
||||
);
|
||||
if (isset($this->_children[$name])) {
|
||||
foreach ($this->_children[$name] as $child) {
|
||||
@@ -408,8 +421,8 @@ class PhpManager extends Manager
|
||||
/** @var $assignment Assignment */
|
||||
if (isset($items[$name])) {
|
||||
$items[$name]['assignments'][$userId] = array(
|
||||
'bizRule' => $assignment->getBizRule(),
|
||||
'data' => $assignment->getData(),
|
||||
'bizRule' => $assignment->bizRule,
|
||||
'data' => $assignment->data,
|
||||
);
|
||||
}
|
||||
}
|
||||
@@ -428,7 +441,14 @@ class PhpManager extends Manager
|
||||
$items = $this->loadFromFile($this->authFile);
|
||||
|
||||
foreach ($items as $name => $item) {
|
||||
$this->_items[$name] = new Item($this, $name, $item['type'], $item['description'], $item['bizRule'], $item['data']);
|
||||
$this->_items[$name] = new Item(array(
|
||||
'manager' => $this,
|
||||
'name' => $name,
|
||||
'type' => $item['type'],
|
||||
'description' => $item['description'],
|
||||
'bizRule' => $item['bizRule'],
|
||||
'data' => $item['data'],
|
||||
));
|
||||
}
|
||||
|
||||
foreach ($items as $name => $item) {
|
||||
@@ -441,7 +461,13 @@ class PhpManager extends Manager
|
||||
}
|
||||
if (isset($item['assignments'])) {
|
||||
foreach ($item['assignments'] as $userId => $assignment) {
|
||||
$this->_assignments[$userId][$name] = new Assignment($this, $name, $userId, $assignment['bizRule'], $assignment['data']);
|
||||
$this->_assignments[$userId][$name] = new Assignment(array(
|
||||
'manager' => $this,
|
||||
'userId' => $userId,
|
||||
'itemName' => $name,
|
||||
'bizRule' => $assignment['bizRule'],
|
||||
'data' => $assignment['data'],
|
||||
));
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@@ -18,9 +18,10 @@ create table [tbl_auth_item]
|
||||
[name] varchar(64) not null,
|
||||
[type] integer not null,
|
||||
[description] text,
|
||||
[bizrule] text,
|
||||
[biz_rule] text,
|
||||
[data] text,
|
||||
primary key ([name])
|
||||
primary key ([name]),
|
||||
key [type] ([type])
|
||||
);
|
||||
|
||||
create table [tbl_auth_item_child]
|
||||
@@ -36,7 +37,7 @@ create table [tbl_auth_assignment]
|
||||
(
|
||||
[item_name] varchar(64) not null,
|
||||
[user_id] varchar(64) not null,
|
||||
[bizrule] text,
|
||||
[biz_rule] text,
|
||||
[data] text,
|
||||
primary key ([item_name],[user_id]),
|
||||
foreign key ([item_name]) references [tbl_auth_item] ([name]) on delete cascade on update cascade
|
||||
|
||||
@@ -18,9 +18,10 @@ create table `tbl_auth_item`
|
||||
`name` varchar(64) not null,
|
||||
`type` integer not null,
|
||||
`description` text,
|
||||
`bizrule` text,
|
||||
`biz_rule` text,
|
||||
`data` text,
|
||||
primary key (`name`)
|
||||
primary key (`name`),
|
||||
key `type` (`type`)
|
||||
) engine InnoDB;
|
||||
|
||||
create table `tbl_auth_item_child`
|
||||
@@ -36,7 +37,7 @@ create table `tbl_auth_assignment`
|
||||
(
|
||||
`item_name` varchar(64) not null,
|
||||
`user_id` varchar(64) not null,
|
||||
`bizrule` text,
|
||||
`biz_rule` text,
|
||||
`data` text,
|
||||
primary key (`item_name`,`user_id`),
|
||||
foreign key (`item_name`) references `tbl_auth_item` (`name`) on delete cascade on update cascade
|
||||
|
||||
@@ -18,9 +18,10 @@ create table "tbl_auth_item"
|
||||
"name" varchar(64) not null,
|
||||
"type" integer not null,
|
||||
"description" text,
|
||||
"bizrule" text,
|
||||
"biz_rule" text,
|
||||
"data" text,
|
||||
primary key ("name")
|
||||
primary key ("name"),
|
||||
key "type" ("type")
|
||||
);
|
||||
|
||||
create table "tbl_auth_item_child"
|
||||
@@ -36,7 +37,7 @@ create table "tbl_auth_assignment"
|
||||
(
|
||||
"item_name" varchar(64) not null,
|
||||
"user_id" varchar(64) not null,
|
||||
"bizrule" text,
|
||||
"biz_rule" text,
|
||||
"data" text,
|
||||
primary key ("item_name","user_id"),
|
||||
foreign key ("item_name") references "tbl_auth_item" ("name") on delete cascade on update cascade
|
||||
|
||||
@@ -18,9 +18,10 @@ create table "tbl_auth_item"
|
||||
"name" varchar(64) not null,
|
||||
"type" integer not null,
|
||||
"description" text,
|
||||
"bizrule" text,
|
||||
"biz_rule" text,
|
||||
"data" text,
|
||||
primary key ("name")
|
||||
primary key ("name"),
|
||||
key "type" ("type")
|
||||
);
|
||||
|
||||
create table "tbl_auth_item_child"
|
||||
@@ -36,7 +37,7 @@ create table "tbl_auth_assignment"
|
||||
(
|
||||
"item_name" varchar(64) not null,
|
||||
"user_id" varchar(64) not null,
|
||||
"bizrule" text,
|
||||
"biz_rule" text,
|
||||
"data" text,
|
||||
primary key ("item_name","user_id"),
|
||||
foreign key ("item_name") references "tbl_auth_item" ("name") on delete cascade on update cascade
|
||||
|
||||
@@ -18,9 +18,10 @@ create table 'tbl_auth_item'
|
||||
"name" varchar(64) not null,
|
||||
"type" integer not null,
|
||||
"description" text,
|
||||
"bizrule" text,
|
||||
"biz_rule" text,
|
||||
"data" text,
|
||||
primary key ("name")
|
||||
primary key ("name"),
|
||||
key "type" ("type")
|
||||
);
|
||||
|
||||
create table 'tbl_auth_item_child'
|
||||
@@ -36,7 +37,7 @@ create table 'tbl_auth_assignment'
|
||||
(
|
||||
"item_name" varchar(64) not null,
|
||||
"user_id" varchar(64) not null,
|
||||
"bizrule" text,
|
||||
"biz_rule" text,
|
||||
"data" text,
|
||||
primary key ("item_name","user_id"),
|
||||
foreign key ("item_name") references 'tbl_auth_item' ("name") on delete cascade on update cascade
|
||||
|
||||
Reference in New Issue
Block a user